package com.demo.config;


import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

/**
 * @ClassName ShiroConfig
 * @Description TODO
 * @Author Windy
 * @Date 2022/9/16 20:57
 * @Version 1.0
 **/
@Configuration
public class ShiroConfig {

    /**
     * 设置加密格式
     * @return
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        //设置需要执行的加密算法的名称
        matcher.setHashAlgorithmName("MD5");
        //设置散列次数
        matcher.setHashIterations(1024);
        //设置编码后的大小写 默认值为false 小写
        matcher.setStoredCredentialsHexEncoded(true);
        return matcher;
    }

    /**
     * 为自定义Realm设置加密算法
     * @param hashedCredentialsMatcher
     * @return
     */
    @Bean("realm")
    public MyRealm myRealm(HashedCredentialsMatcher hashedCredentialsMatcher) {
        MyRealm myRealm = new MyRealm();
        //设置加密算法
        myRealm.setCredentialsMatcher(hashedCredentialsMatcher);

        return myRealm;
    }

    /**
     *  设置默认安全管理器
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("realm") MyRealm myRealm) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myRealm);

        return manager;
    }

    /**
     * 配置拦截器工厂注册器
     * @param defaultWebSecurityManager
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        //默认登陆页面
        shiroFilterFactoryBean.setLoginUrl("/to/toLogin");
        //无权限跳转页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/to/unPermission");

        Map<String,String>map= new HashMap<>();
        //默认拦截所有页面对其判断权限
        map.put("/stu/**","authc");
        map.put("/to/toFindAll","authc");
        map.put("/","authc");
        map.put("/to/toEditStu","authc");
        //对登陆进行不拦截
//        map.put("/to/**","authc");
        map.put("/user/**","anon");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }

    /**
     * 设置代理,用以开启注解配置
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);

        return creator;
    }

    /**
     *相当于一个切点用以增强类
     * @param defaultWebSecurityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor =
                new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);

        return authorizationAttributeSourceAdvisor;
    }

}
